Security News
Researchers say they found several stolen and leaked credentials for a Florida water-treatment plant, which was hacked last week. Researchers at CyberNews said they found 11 credential pairs linked to the Oldsmar water plant, in a 2017 compilation of stolen breach credentials.
A publicly exposed cloud storage bucket was found to contain images of hundreds of passports and identity documents belonging to journalists and volleyball players from around the world. Reverse-image searches for headshots revealed that these well-known European volleyball players were either directly associated with CEV or were part of a volleyball team or federation affiliated with the CEV. BleepingComputer also found some of CEV's assets in the bucket, such as branding images with CEV logos on them.
The new Edge 88 browser includes tough new security features, including a password generator and a tool for monitoring whether your login details have been exposed to the dark web. Microsoft Edge 88 is rolling out to users in the Stable channel alongside some new privacy-focused features, including a long-awaited credentials monitor and a built-in password generator.
Microsoft is rolling out a built-in password generator and a leaked credentials monitoring feature on Windows and macOS systems running the latest Microsoft Edge version. Microsoft Edge 88 now helps you improve the security of your online accounts with the password generator which suggests secure and strong passwords when updating existing credentials or signing up for new accounts.
The European Medicines Agency today revealed that some of the stolen Pfizer/BioNTech vaccine candidate data was doctored by threat actors before being leaked online with the end goal of undermining the public's trust in COVID-19 vaccines. EMA is the decentralized agency that reviews and approves COVID-19 vaccines in the European Union, and the agency that evaluates, monitors, and supervises any new medicines introduced to the EU. "The ongoing investigation of the cyberattack on EMA revealed that some of the unlawfully accessed documents related to COVID-19 medicines and vaccines have been leaked on the internet," the agency disclosed today.
The affected server, hosted by Tencent, was segmented into indices in order to store data obtained from each social-media source, which allowed researchers to look into the data further. "Our research team was able to determine that the entirety of the leaked data was 'scraped' from social-media platforms, which is both unethical and a violation of Facebook's, Instagram's and LinkedIn's terms of service," researchers said, in a Monday blog post.
Multiple code repositories from Nissan North America became public this week after the company left an exposed Git server protected with default access credentials. The entire collection is around 20 gigabytes large and contains source code for mobile apps and various tools used by Nissan internally for diagnostics, client acquisition, market research, or NissanConnect services.
Leading gaming companies, such as Ubisoft, have become big targets for cybercriminals that aim to turn a profit by selling leaked insider-credentials tied to the top game publishers. More than 500,000 of the leaked credentials pertained to employees of leading game companies, according to the report published Monday.
Workplace pension provider NOW: Pensions has emailed a number of UK customers to warn about a data leakage caused by contractor error. NOW: Pensions did not disclose how many records were exposed, nor how many third parties copied the leaked data.
Workplace pension provider NOW: Pensions has emailed a number of UK customers to warn about a data leakage caused by contractor error. NOW: Pensions did not disclose how many records were exposed, nor how many third parties copied the leaked data.